DEBIAN-CVE-2017-11746

Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command...

CVE-2017-11746

Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command...

CVE-2017-11747

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...

UBUNTU-CVE-2017-11746

Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command...

CVE-2017-11747

CVE-2017-11747 affects Tinyproxy (1.8.4 and older): main.c creates /run/tinyproxy/tinyproxy.pid after dropping privileges to a non-root account, allowing local users to modify the PID file and potentially kill the process via a root script that executes kill cat /run/tinyproxy/tinyproxy.pid. Seve...

Petya Is Not Ransomware, It's a 'Wiper'

The outbreak of the ExPetr malware isn’t a ransomware attack, but more precisely, it’s a wiper attack that sabotaged PCs globally, overwriting their Master Boot Record forever. That’s the analysis of security experts from Kaspersky Lab and Comae Technologies who shared their latest research on th...

Breaking the attack chain

The attack chain. It’s a term used often in infosecurity. Also known as the kill chain, it was originally used as a military concept to describe the structure of an attack. It serves the same function in cybersecurity, where various methods of malware infiltration, deployment, and execution are...

The Latest on WannaCry, UIWIX, EternalRocks and ShadowBrokers

Ransomware has gained global attention over the course of the last two weeks due to the huge spread of WannaCry. Following the initial attacks, we’ve seen UIWIX, Adylkuzz and now EternalRocks come onto the scene leveraging the same core set of vulnerabilities. The common thread between the three...

Digging Into WannaCry Details: Answers to Your Burning Questions

Jimmy Graham, Director of Product Management, Qualys Threat Protection & AssetView The WannaCry ransomware attack spread so quickly and has been so disruptive that IT departments can’t get enough information about what caused it, how it can be remediated and what can be done to protect their...

Using Threat Intelligence to Mitigate Wanna Decryptor (WannaCry)

Basics of Cyber Threat Intelligence Cyber Threat Intelligence is analyzed information about the opportunities, capabilities, and intent of cyber adversaries. The goal of cyber threat intelligence is to help people make decisions about how to prevent, detect, and respond to threats against their...

WannaCry: What We Know

On Friday, May 12, news agencies around the world reported that a new ransomware threat was spreading rapidly. Akamai's incident response teams and researchers worked quickly to understand this new threat and how to mitigate it. This blog post is a summary of what Akamai knows at this point...

util-linux: Sending SIGKILL to other processes with root privileges via su

A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions...

openSUSE Security Update : irssi (openSUSE-2017-241)

The IRC textmode client irssi was updated to version 1.0.1 to fix bugs and security issues. irssi 1.0.1 : - Fix Perl compilation in object dir - Fix incorrect HELP SERVER example - Correct memory leak in /OP and /VOICE - Fix regression that broke second level completion - Correct missing NULL...

Advanced Desktop Locker Lock Screen Bypass Vulnerability

Advanced Desktop Locker is a desktop protection tool that bypasses screen protection by killing the Advanced Desktop Locker process. Advanced Desktop Locker suffers from a lock screen bypass vulnerability that can be exploited by attackers to bypass the lock screen...

Cumulative Update for Windows 10: January 12, 2016

Cumulative Update for Windows 10: January 12, 2016 Summary This security update for Windows 10 includes improvements in the functionality of Windows 10 and resolves the following vulnerabilities in Windows: 3124605 MS16-008: Security Update for Windows kernel to address elevation of privilege:...

Cumulative Update for Windows 10 Version 1511: January 12, 2016

Cumulative Update for Windows 10 Version 1511: January 12, 2016 Summary This security update for Windows 10 Version 1511 includes improvements in the functionality of Windows 10 Version 1511 and resolves the following vulnerabilities in Windows: 3124605 MS16-008: Security update for Windows kerne...

Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits

Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft website...

kernel: ALSA: Use-after-free in kill_fasync

A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption, or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely...

Beware — Someone is dropping Malware-infected USB Sticks into People's Letterbox

Hey! Wait! Wait! Wait! Don't plug in that USB stick into your laptop. It could infect your computer with malware and viruses. Australia's Victoria Police Force has issued a warning regarding unmarked USB flash drives containing harmful malware being dropped inside random people's letterboxes in t...

Oh, It's On Sale! USB Kill to Destroy any Computer within Seconds

Remember Killer USB stick? A proof-of-concept USB prototype that was designed by a Russian researcher, Dark Purple, last year, to effectively destroy sensitive components of a computer when plugged in. Now, someone has actually created the Killer USB stick that destroys almost anything – such as...